If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

Welcome to the new PC Perspective forums! Have a look around and tell us what you think in our feedback forum. If you notice any bugs or style issues, please report them in this thread.

Re: Virus Alerts/Security Warnings/Solutions

Ouch. To bad we have some enterprise applications (IE used by thousands of people in our company) that are not IE7 compatible.

Indeed. And you know which direction it's going plus it's only going to get worse.

I was visiting an organization today that haven't started planning a migration to Vista yet and who were surprised to learn that Windows XP availability (OEM and retail) becomes end of life in June this year (System Builder Licenses are available for a further 6 months), and they don't have a volume site license for XP (all their XP licenses are OEM that came preinstalled with the original equipment and are non-transferable). So come the summer, new kit WILL be running Vista regardless of whether they are prepared or not!

Re: Virus Alerts/Security Warnings/Solutions

Originally Posted by Ned Slider

Indeed. And you know which direction it's going plus it's only going to get worse.

I was visiting an organization today that haven't started planning a migration to Vista yet and who were surprised to learn that Windows XP availability (OEM and retail) becomes end of life in June this year (System Builder Licenses are available for a further 6 months), and they don't have a volume site license for XP (all their XP licenses are OEM that came preinstalled with the original equipment and are non-transferable). So come the summer, new kit WILL be running Vista regardless of whether they are prepared or not!

Re: Virus Alerts/Security Warnings/Solutions

Over 10,000 legitimate websites have been compromised and now have an iframe that will direct visitors to a malicious website hosted on 2117966.net. The malicious website attempts to exploit the vulnerability described in MS06-014 MS07-004, MS06-067, MS06-057and a number of ActiveX vulnerabilities.

Successful exploitation result in the installation of a password-stealing malicious program that attempts to steal the logon credentials from websites and online games.Recommended immediate action:

Block 2117966.net at your web proxyRecommended follow-up action:

Inspect your web proxy logs for visitors to 2117966.net. This will indicate who is potentially exposed. Check these systems to verify that their patches are up-to-date. Systems that are successfully compromised will begin sending traffic to 61.188.39.175
(http://www.shadowserver.org/wiki/pmw...endar.20080313). Search your proxy logs for systems generating those requests and reimage the infected machines.Protecting Browsers:

A properly-patched system should not be at-risk from this attack. It is recommened to use a browser that does not support ActiveX.Protecting Webservers:

Until details become available on how the iframe was injected, we have no recommendations.Missing information:

We currently do not have details on how the iframes were placed on the websites. If you are responsible for cleaning-up or investigating one of the defacements, please contact us if you have information on how the compromise occurred.
Update: Added additional exploit information

Update 2: Before you install the final release of Windows Vista SP1, you must uninstall any previous releases (Thanks Chris!). As detailed in this article.
Update 3: V3.0 of MS08-014 dated March 19, 2008 should fix the Excel issues.
Cheers,
Adrien de Beaupré
Bell Canada